capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 20 – Binwalkin’ Around The Christmas Tree #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.

In our twentieth challenge, we’re learning more about the device found in Santa’s workshop. In this challenge, we learned the Device ID, and now we have to reverse engineer the device to determine the firmware and endpoints.

The topics explored in this challenge are firmware reverse engineering, extracting code from firmware, and modifying and rebuilding firmware.

Can we reverse-engineer the device to help Santa? Find out below!

If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007

capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 16 – SQLi’s The King, The Carolers Sing #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.

In our sixteenth challenge, Elf McSkidy asked Elf Exploit and Elf Admin to assist in clearing the application. When presented with the app’s code, both elves looked a bit shocked, as neither of them knew how to make any sense of it, let alone fix it.

The topics explored in this challenge are Structured Query Language (SQL) and the SQL injection vulnerability. SQL injection happens when a website builds a dynamic query from user input that has not been sanitized or validated. The final topic was ways to mitigate this vulnerability, such as parameterized queries.

Can we help Elf Exploit and Elf Admin secure the website? Find out below!


capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 18 – Lumberjack Lenny Learns New Rules #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.

In our eighteenth challenge, we discovered The Best Festival Company Infrastructure has been compromised! Through logs, we determined that Bandit Yeti was the likely culprit. Our job is to experiment and learn threat detection rules to determine the root cause of how Bandit Yeti compromised the system.

The topic explored in this challenge is threat detection, which analyzes abnormal activity, such as signs of malicious compromise on a network. A tool that can be used for threat detection is Sigma. Sigma allows us to create rules to look for malicious activity, such as new user accounts or edits to scheduled tasks.

Can we use threat detection tools to find the root cause of Santa’s compromise? Find out below!


capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 17 – Filtering For Order Amidst Chaos #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.

In our seventeenth challenge, Elf McSkidy stumbled upon user-submitted inputs on an unrecognizable web application. She then discovered that Santa’s team hadn’t updated these web applications in a long time.

The topics explored in this challenge are input validation and why it’s essential. We developers should never trust user input, as this input can be malicious. The next topic was regular expressions, a technique used to create an allowed list of permitted characters and numbers for your application.

Can we teach Elf McSkidy regex to update the website? Find out below!


capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 10 – You’re A Mean One, Mr. Yeti #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.

In our tenth challenge, Elf McSkidy was nowhere to be found. Elf Recon McRed noticed on one of their screens that Elf McSkidy was trapped in a game. Oh, no! An icy note reads, “Only by winning the unwinnable game shall your dear Elf McSkidy be reclaimed.”

The topics explored in this challenge are how data is stored in games and other applications, the effects of changing data in the memory of a running game, and the use of simple tools (in this case, Cetus) to find and alter data in memory.

Can Exploit Recon McRed beat the unwinnable game? Find out below!


capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 15 – Santa Is Looking For A Sidekick #TisTheSeasonForHacking

Another day, another challenge…


In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.


In our fifteenth challenge, Santa hired a third-party developer to create a website to hire new elves. Elf McSkidy is aware that third-party risks are serious for websites, and has tasked Exploit McRed with testing the website before going live.


The topics explored in this challenge are input validation for file uploading, unrestricted file upload vulnerabilities, phishing through file uploads, and how to properly secure file upload functionality.


Can Exploit McRed determine if the website is safe before going live? Find out below!


capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 14 – I’m Dreaming Of Secure Web Apps #TisTheSeasonForHacking

Another day, another challenge…


In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.


In our fourteenth challenge, Elf McSkidy has to review the web application security. She consults Elf Exploit McRed, who discovers there’s a web vulnerability – IDOR. Can Elf McSkidy find the IDOR on the server?


The topics explored in this challenge are web applications and databases, along with OWASP (Open Web Application Security Project), access control, and IDORs (Insecure Direct Object Reference).


Can Elf McSkidy find the IDOR on the server? Find out below!


capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 13 – Simply Having A Wonderful PCAP Time #TisTheSeasonForHacking

Another day, another challenge…


In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.


In our thirteenth challenge, the SOC team notices suspicious network activity after investigating the malware in the Day 12 challenge. Santa’s SOC team needs to analyze the network traffic to see any malicious activity happening on the network.


The topics explored in this challenge are packets and packet analysis. The tool used is Wireshark, which is an industry-standard tool for network protocol analysis and is used for traffic and packet investigations.


Can Santa’s SOC determine if there’s malicious activity on the network? Find out below!


capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 12 – Forensic McBlue To The REVscue! #TisTheSeasonForHacking

Another day, another challenge…


In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.


In our twelfth challenge, Forensics McBlue confirmed the malicious document spawned a suspicious binary. Forensics McBlue’s job is to further analyze the binary via Malware Analysis.


The topics explored in this challenge are malware analysis: why it’s important and how it should be done in a safe environment (such as a sandbox). It also covers items that help determine if malware is present, such as new network connections, registry key modifications, and file manipulations. Finally, two tools were discussed: Detect It Easy (DIE) and CAPA.


Can Forensic McBlue determine if the suspicious file is malware? Find out below!


capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 11 – Not All Gifts Are Nice #TisTheSeasonForHacking

Another day, another challenge…


In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.


In our eleventh challenge, Elf McDave clicked on a document and now there’s a command prompt running code on their computer. As Elf McBlue, we create a memory dump and analyze the dump to determine the root cause.


The topics explored in this challenge are memory forensics and why it’s important. We’re also introduced to the Volatility tool, which can be used to determine processes and programs that were executed before a computer crash.


Can Elf McBlue dump the image to determine the root cause? Find out below!
